New IDAT Loader Attacks Use Steganography to Deliver Remcos RAT


Ukrainian entities in Finland have been targeted as part of a malicious campaign distributing the commercial remote access trojan Remcos RAT via a malware loader called IDAT Loader.

The attack was carried out by a threat actor known as UAC-0184, as tracked by the Computer Emergency Response Team of Ukraine. “The attack, as part of the IDAT Loader, used steganography as a technique,” Morphisec researcher Michael Dereviashkin told The Hacker News.

“While steganographic, or ‘Stego’ techniques are well-known, it is important to understand their roles in defense evasion, to better understand how to defend against such tactics.”

Read More: New IDAT Loader Attacks Using Steganography to Deploy Remcos RAT

Check Out The New ITsecuritywire Podcast. For more such updates follow us on Google News ITsecuritywire News.